DevSecOps Engineer

Zoox is seeking a highly skilled and motivated DevSecOps Engineer with a strong specialization in Public Key Infrastructure (PKI), robust experience with Terraform, proficiency in Golang, and deep familiarity with hybrid environments spanning multiple operating systems. This role is critical to securing our infrastructure, enabling streamlined automation, and ensuring the integrity of access controls across complex cloud and on-prem environments. This position on the Cyber Security team is responsible for designing, developing and maintaining Public Key Infrastructure (PKI) solutions at Zoox. This role will be responsible for all aspects of our PKI solutions, which include managing and maintaining the services that encompass the identities of machines, employees, vendors, and customers. The ideal candidate will be capable of engineering and delivering both enterprise and consumer focused solutions associated with PKI.

In this role, you will:

• Work with Developers and Engineers to improve their security posture for credential and key lifecycle management.
• Communicate and collaborate with other teams, both technical and non-technical, to adopt optimized identity-related solutions.
• Contribute to enhancing the team's technical and organizational structure; serve as a role model to others.
• Define, design and develop methods to improve PKI operational procedures through Terraform deployments and automation.
• Propose and implement solutions to unify security policies on-prem and across hybrid Cloud environments.

Qualifications:

• 3–5+ years in DevSecOps, PKI Engineering, or related engineering roles.
• In-depth knowledge of PKI design principles, standards and best practices across hybrid environments.
• Strong experience with Terraform, including module development and environment provisioning.
• Proficiency in Golang and/or Python for backend development, scripting, and automation tasks.
• Solid understanding of Linux, Windows, and container-based OS environments.

Bonus Qualifications:

• Background in threat detection, incident response, or secure systems design is highly desirable.
• Knowledge of AWS Cognito, Hashicorp Vault, AWS Secrets Manager.
• Familiarity with Kubernetes, Helm, and GitOps principles.